Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S945650AbcJSPo0 (ORCPT ); Wed, 19 Oct 2016 11:44:26 -0400 Received: from s3.sipsolutions.net ([5.9.151.49]:35755 "EHLO sipsolutions.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S945496AbcJSPoM (ORCPT ); Wed, 19 Oct 2016 11:44:12 -0400 Message-ID: <1476862995.5927.3.camel@sipsolutions.net> Subject: Re: [PATCH] crypto: ccm - avoid scatterlist for MAC encryption From: Johannes Berg To: Herbert Xu , Ard Biesheuvel Cc: Andy Lutomirski , Sergey Senozhatsky , "" , "David S. Miller" , "" , "linux-kernel@vger.kernel.org" , Jouni Malinen Date: Wed, 19 Oct 2016 09:43:15 +0200 In-Reply-To: <20161019033157.GA1457@gondor.apana.org.au> References: <1476551776-8099-1-git-send-email-ard.biesheuvel@linaro.org> <1476689310.19992.1.camel@sipsolutions.net> <20161019033157.GA1457@gondor.apana.org.au> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.20.5-1 Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1127 Lines: 33 On Wed, 2016-10-19 at 11:31 +0800, Herbert Xu wrote: > On Mon, Oct 17, 2016 at 06:21:14PM +0100, Ard Biesheuvel wrote: > > > > > > Annoyingly, all this complication with scatterlists etc is for > > doing > > asynchronous crypto via DMA capable crypto accelerators, and the > > networking code (ipsec as well as mac80211, afaik) only allow > > synchronous in the first place, given that they execute in softirq > > context. > > I'm still thinking about the issue (in particular, whether we > should continue to rely on the request context being SG-capable > or allow it to be on the stack for AEAD). :) > But IPsec definitely supports async crypto.  In fact it was the > very first user of async crypto. Yeah. > mac80211 on the other hand is currently sync-only. We could probably make mac80211 do that too, but can we guarantee in- order processing? Anyway, it's pretty low priority, maybe never happening, since hardly anyone really uses "software" crypto, the wifi devices mostly have it built in anyway. (One problem is that the skb->cb is already completely full, so we can't stash away the AAD there) johannes